Fine Grain AuditingPosted: July 2, 2007
A customer wants us to use Fine Grain Auditing (FGA) to track some changes being made on his schema. The requirements are even more vague than the usual customer requests – he doesn’t know which operations on which tables he wants to track, but he knows that it must be Fine Grain Auditing. Some day I’ll find a way to prevent Oracle marketing from talking to our customers.
The one thing the customer requires is that FGA should have no performance impact on our system. My job is to set up tests and benchmarks so we will have more concrete information on when we can expect FGA to have no impact, and when we will feel a performance degredation.
Allow me to recommend “Fine-Grained Auditing for Real-World Problems” by Arup Nanda as a terrific place to begin learning about FGA. The examples are crystal clear, he covers the important features, tables and methods. If you read carefully you’ll also learn non trivial facts about FGA – such as the importance of collecting statistics on the tables you audit. After reading Nanda’s article, you can refer to the “Oracle® Database PL/SQL Packages and Types Reference” as the definitive usage instructions.
If you want to read a bit about the possible performance impact of FGA, you’ll probably find that there is absolutely no material about this anywhere. Which is rather frusturating, really. I’m sure Oracle tested FGA and has some numbers about the possible performance impact, at least in some cases. Why don’t they release this information?